Start using eduroam Visitor Access
Offer temporary connectivity to visitors associated with education or research.
Before you sign up to use eduroam Visitor Access you must ensure that your eduroam service can be configured to support it and that it meets your operational and security needs.
Please read the following documentation:
- eduroam Visitor Access guidance for UK federation IdP operators (pdf)
- Configuration and management (pdf)
- Create temporary eduroam accounts in five steps (pdf)
- Create groups and SMS events (pdf)
To participate in the eduroam Visitor Access service, there are two technical considerations:
1. Your organisation must participate in UKAMF or eduGAIN
Your administrators log in to the eduroam Visitor Access portal using UKAMF or eduGAIN credentials. Your organisation must participate in one of these federated identity schemes to be able to access the service.
If your organisation is a UKAMF member, you may need to make a minor change to your Shibboleth configuration to be able to access eduroam Visitor Access.
You can find more details in our eduroam Visitor Access guidance for UK IdP operators (pdf).
Your administrators log in to the eduroam Visitor Access portal using UKAMF or eduGAIN credentials. Your organisation must participate in one of these federated identity schemes to be able to access the service.
If your organisation is a UKAMF member, you may need to make a minor change to your Shibboleth configuration to be able to access eduroam Visitor Access.
You can find more details in our eduroam Visitor Access guidance for UK IdP operators (pdf).
2. Your organisation needs to participate in eduroam
For eduroam Visitor Access to function correctly, authentication requests originating from your site must carry the Operator-Name attribute correctly filled in with your realm.
This is best practice for eduroam in any case, but for this service it is required to ensure that your visitors do not accidentally log in at other organisation’s eduroam site.
Some implementations of RADIUS are unable to inject attributes in this way (eg MPS, ACS), and Jisc may be able to help by adding your Operator-Name attribute at the national RADIUS proxy (NRPS) level.
If your RADIUS server cannot do this, please let us know.
For eduroam Visitor Access to function correctly, authentication requests originating from your site must carry the Operator-Name attribute correctly filled in with your realm.
This is best practice for eduroam in any case, but for this service it is required to ensure that your visitors do not accidentally log in at other organisation’s eduroam site.
Some implementations of RADIUS are unable to inject attributes in this way (eg MPS, ACS), and Jisc may be able to help by adding your Operator-Name attribute at the national RADIUS proxy (NRPS) level.
If your RADIUS server cannot do this, please let us know.
All fields marked with an asterisk (*) are required.